12380000[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

12380000.dll.exe
Size

377KB
MD5

c4cc7e3936ea3a8a7b0c87cc73ec9a42
SHA1

8e7e7bf9eb3e520e66b378edb37880f2d828b87a
SHA256

10dd98d6b88f37e7578e462d76ccd42103bd869e857d4883e587b45f5e8ff500
SHA512

0cc91c1f1206f6a11a3352a1c017b2010008ec53c7e98854a6c3ce550e2b91e320fff3ad4361bb88d037452fc4608c2bfaca8169fc9b78b00b5665b23e36ceed
SSDEEP

6144:sP5ukahaLVnNM45QV3JUtB0aFNmz1lZu+jo/ipJr2vlsJ8CkmAuZ5PJu0EtK:sP5ukahaNNLiBaFNmz1lZxjSiXrwsHpg

Score

N/A

Malware Config

Signatures

Files

12380000.dll.exe
.dll windows x64

a072f1c94318919296942cfa2776d23a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

_strnicmp
memcmp
memset
_strupr
strcpy
ZwQueryInformationProcess
ZwQueryKey
NtSuspendProcess
NtSetContextThread
RtlNtStatusToDosError
NtResumeProcess
NtGetContextThread
_wcsnicmp
LdrFindEntryForAddress
NtMapViewOfSection
NtUnmapViewOfSection
ZwClose
NtCreateSection
memmove
NtQuerySystemInformation
RtlInitUnicodeString
NtQueryInformationFile
NtQueryInformationProcess
NtQueryDirectoryFile
NtQueryObject
ZwOpenProcessToken
ZwOpenProcess
ZwQueryInformationToken
RtlEqualUnicodeString
NtSetInformationProcess
_snprintf
memcpy
__chkstk
__C_specific_handler
VirtualFree
RaiseException
CreateIoCompletionPort
PostQueuedCompletionStatus
GetSystemInfo
GetQueuedCompletionStatus
CreateWaitableTimerA
OpenThread
ResetEvent
HeapReAlloc
RemoveVectoredExceptionHandler
HeapAlloc
HeapFree
SetEvent
CreateEventA
HeapDestroy
HeapCreate
GetLastError
LocalAlloc
AddVectoredExceptionHandler
GetCurrentThreadId
GetVersion
LocalFree
GetSystemTime
SwitchToThread
lstrlenA
WideCharToMultiByte
lstrcatA
MultiByteToWideChar
lstrlenW
SetLastError
lstrcmpiW
lstrcatW
lstrcpyW
lstrcpyA
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreateThread
GetComputerNameW
CreateMutexA
GetCurrentProcessId
lstrcpynA
lstrcpynW
lstrcmpiA
SetEnvironmentVariableW
SetErrorMode
SetUnhandledExceptionFilter
OpenProcess
Sleep
TerminateProcess
GetProcAddress
WaitForMultipleObjects
LoadLibraryA
CreateDirectoryW
ReleaseMutex
GlobalDeleteAtom
GlobalAddAtomA
IsBadReadPtr
IsBadStringPtrA
CreateFileA
SetFilePointer
SetEndOfFile
ExpandEnvironmentStringsA
WriteFile
FreeLibrary
lstrcmpA
VirtualQuery
GetCurrentProcess
VirtualProtect
ExpandEnvironmentStringsW
GetVersionExW
GetFileSize
ReadFile
CreateFileW
GetTempPathW
GetLongPathNameW
WaitForSingleObjectEx
ReadProcessMemory
VirtualAlloc
VirtualAllocEx
GetModuleFileNameA
WriteProcessMemory
GetThreadContext
VirtualProtectEx
SuspendThread
ResumeThread
CopyFileW
GetFileAttributesExW
FindFirstFileW
CompareFileTime
lstrcmpW
FindClose
FindNextFileW
GetEnvironmentVariableW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
OpenEventA
GetSystemWindowsDirectoryA
SetFilePointerEx
GetFileInformationByHandleEx
SetFileInformationByHandle
GetProcessId
RemoveDirectoryW
DuplicateHandle
DeleteFileW
MulDiv
GetTickCount
GetSystemTimeAsFileTime
GetProcessTimes
GetLocaleInfoW
VerLanguageNameW
SetWaitableTimer
CancelWaitableTimer
SystemTimeToFileTime
AcceptEx
GetAcceptExSockaddrs

Exports

Exports

PluginRegisterCallbacks
VncStartServer
VncStopServer

Sections

.text
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a072f1c94318919296942cfa2776d23a

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 275KB - Virtual size: 274KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 26KB - Virtual size: 31KB

.pdata Size: 7KB - Virtual size: 6KB

.bss Size: 18KB - Virtual size: 18KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 275KB - Virtual size: 274KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 26KB - Virtual size: 31KB

.pdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 18KB - Virtual size: 18KB

.reloc
Size: 4KB - Virtual size: 4KB